implementing-opa-gatekeeper-for-policy-enforcement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly instructs cloning and applying the public Gatekeeper policy library (references/workflows.md Phase 2: "git clone https://github.com/open-policy-agent/gatekeeper-library.git" and related SKILL.md steps), so untrusted, user-hosted policy templates are fetched from a public third‑party and then deployed/read as part of the agent's policy/constraint workflow, allowing external content to materially influence enforcement and subsequent agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The installation workflow includes runtime commands that fetch and install a remote Helm chart (helm repo add / helm install) from https://open-policy-agent.github.io/gatekeeper/charts, which pulls and executes remote Kubernetes manifests into the cluster and is a required runtime dependency for the skill.